The fact that nearly all users (92%) worry about their online privacy comes as no surprise, especially when multiple high-profile organizations have had sensitive data compromised in the last few years.

What is surprising from the infographic is that health care providers are ranked most trusted (74%) when it comes to online privacy.

Can your customers trust you with their data?

Since the start of this year, there have been 164 health care data breaches submitted to the US Department of Health and Human Services (HHS), affecting more than 4.6 million people. The largest is 21st Century Oncology, which compromised over 2.2 million people’s data in April.

As with any organization, managing sensitive information across many sites, domains, servers, and people is never going to be easy. The more data you hold, and the more locations it can be accessed from, the greater the risk of compromise.

All health care plans, health care clearinghouses, and health care providers in the US that electronically transmit medical information must comply with HIPAA.

How ISO 27001 can help

Health care organizations are increasingly required to comply with multiple cybersecurity laws and regulations (such as SOX, HIPAA, the PCI DSS, and the GLBA). Combined with the task of protecting millions of people’s data, this can cause complete havoc even in the most organized of businesses.

ISO 27001 can centralize and simplify disjointed compliance efforts. It is often the case that companies achieve compliance with a host of related legislative frameworks simply by achieving ISO 27001 registration.

By virtue of its all-inclusive approach, ISO 27001 encapsulates the information security elements of HIPAA by providing an auditable ISMS designed for continual improvement.

To find out more about ISO 27001 and how it can benefit your organization, read ISO27001/ISO27002 A Pocket Guide. It provides a useful overview of the standards and is packed with practical advice for implementing an ISMS.